From cddcf9386e33dadbd32be23cdb279ed5acf019e5 Mon Sep 17 00:00:00 2001
From: rgrund-inform <142391051+rgrund-inform@users.noreply.github.com>
Date: Mon, 4 Dec 2023 21:04:57 +0100
Subject: [PATCH 1/2] feat: Add optional policy_path variable used for policy definitions (#60)

Co-authored-by: Anton Babenko
---
 README.md | 1 +
 main.tf | 5 +++++
 variables.tf | 6 ++++++
 3 files changed, 12 insertions(+)

diff --git a/README.md b/README.md
index a49f7f1..0d5442d 100644
--- a/README.md
+++ b/README.md
@@ -200,6 +200,7 @@ No modules.
 | [policy](#input\_policy) | An additional policy document ARN to attach to IAM role | `string` | `null` | no |
 | [policy\_json](#input\_policy\_json) | An additional policy document as JSON to attach to IAM role | `string` | `null` | no |
 | [policy\_jsons](#input\_policy\_jsons) | List of additional policy documents as JSON to attach to IAM role | `list(string)` | `[]` | no |
+| [policy\_path](#input\_policy\_path) | Path of IAM policies to use for Step Function | `string` | `null` | no |
 | [policy\_statements](#input\_policy\_statements) | Map of dynamic policy statements to attach to IAM role | `any` | `{}` | no |
 | [publish](#input\_publish) | Determines whether to set a version of the state machine when it is created. | `bool` | `false` | no |
 | [role\_arn](#input\_role\_arn) | The Amazon Resource Name (ARN) of the IAM role to use for this Step Function | `string` | `""` | no |
diff --git a/main.tf b/main.tf
index 37a2171..0b121f3 100644
--- a/main.tf
+++ b/main.tf
@@ -116,6 +116,7 @@ resource "aws_iam_policy" "service" {
 for_each = { for k, v in var.service_integrations : k => v if local.create_role && var.attach_policies_for_integrations }
 name = "${local.role_name}-${each.key}"
+ path = var.policy_path
 policy = data.aws_iam_policy_document.service[each.key].json
 tags = var.tags
 }
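Review bot: `path = var.policy_path` in `aws_iam_policy.service` (and the same line in the `additional_json`, `additional_jsons`, `additional_inline` and `logs` hunks that follow) makes the path part of each policy's ARN, but nothing in the code says what happens when it is set on an existing deployment. As far as I know the AWS provider treats `path` on `aws_iam_policy` as a replace-on-change attribute, so changing it would destroy and recreate all five policies and their attachments. Any permission boundary or delegation policy that matches policy ARNs by path would also need to cover the new ARNs. I would add a comment above the first use, `# path is part of the policy ARN; changing it replaces the policy and its attachments`, and repeat that caveat in the variable description. The opening line of each resource sits in the hunk header rather than in the hunk itself.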
@@ -137,6 +138,7 @@ resource "aws_iam_policy" "additional_json" {
 count = local.create_role && var.attach_policy_json ? 1 : 0
 name = local.role_name
+ path = var.policy_path
 policy = var.policy_json
 tags = var.tags
 }
@@ -157,6 +159,7 @@ resource "aws_iam_policy" "additional_jsons" {
 count = local.create_role && var.attach_policy_jsons ? var.number_of_policy_jsons : 0
 name = "${local.role_name}-${count.index}"
+ path = var.policy_path
 policy = var.policy_jsons[count.index]
 tags = var.tags
 }
@@ -241,6 +244,7 @@ resource "aws_iam_policy" "additional_inline" {
 count = local.create_role && var.attach_policy_statements ? 1 : 0
 name = "${local.role_name}-inline"
+ path = var.policy_path
 policy = data.aws_iam_policy_document.additional_inline[0].json
 tags = var.tags
 }
@@ -283,6 +287,7 @@ resource "aws_iam_policy" "logs" {
 count = local.create_role && local.enable_logging && var.attach_cloudwatch_logs_policy ? 1 : 0
 name = "${local.role_name}-logs"
+ path = var.policy_path
 policy = data.aws_iam_policy_document.logs[0].json
 tags = var.tags
 }
diff --git a/variables.tf b/variables.tf
index 445c8ee..93692eb 100644
--- a/variables.tf
+++ b/variables.tf
@@ -246,6 +246,12 @@ variable "policy" {
 default = null
 }
+variable "policy_path" {
+ description = "Path of IAM policies to use for Step Function"
+ type = string
+ default = null
+}
+
 variable "policies" {
 description = "List of policy statements ARN to attach to IAM role"
 type = list(string)
From a7a718bc425487eb99c3defa6403b9a067babe17 Mon Sep 17 00:00:00 2001
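Review bot: `variable "policy_path"` accepts any string, so a malformed path is only rejected by the IAM API at apply time, after other resources in the plan may already have changed. IAM paths must be `/` or begin and end with `/` (printable ASCII, up to 512 characters), and a `validation` block can enforce that at plan time while still allowing the `null` default. The description could also say that the value applies to every policy the module creates and becomes part of their ARNs. This assumes the module's minimum Terraform version supports variable validation, which is not visible here.

```hcl
variable "policy_path" {
  # … unchanged: description, type, default …

  validation {
    condition     = var.policy_path == null ? true : can(regex("^(/|/[!-~]+/)$", var.policy_path)) && length(var.policy_path) <= 512
    error_message = "The policy_path value must be \"/\" or begin and end with \"/\", using printable ASCII and at most 512 characters."
  }
}
```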
From: semantic-release-bot
Date: Mon, 4 Dec 2023 20:05:21 +0000
Subject: [PATCH 2/2] chore(release): version 4.1.0 [skip ci]

## [4.1.0](https://github.com/terraform-aws-modules/terraform-aws-step-functions/compare/v4.0.1...v4.1.0) (2023-12-04)
### Features
* Add optional policy_path variable used for policy definitions ([#60](https://github.com/terraform-aws-modules/terraform-aws-step-functions/issues/60)) ([cddcf93](https://github.com/terraform-aws-modules/terraform-aws-step-functions/commit/cddcf9386e33dadbd32be23cdb279ed5acf019e5))
---
 CHANGELOG.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c96fe9f..04c24ec 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file.
+## [4.1.0](https://github.com/terraform-aws-modules/terraform-aws-step-functions/compare/v4.0.1...v4.1.0) (2023-12-04)
+
+
+### Features
+
+* Add optional policy_path variable used for policy definitions ([#60](https://github.com/terraform-aws-modules/terraform-aws-step-functions/issues/60)) ([cddcf93](https://github.com/terraform-aws-modules/terraform-aws-step-functions/commit/cddcf9386e33dadbd32be23cdb279ed5acf019e5))
+
 ### [4.0.1](https://github.com/terraform-aws-modules/terraform-aws-step-functions/compare/v4.0.0...v4.0.1) (2023-10-27)